from the moving-on dept

So it appears that the mainstage event over the DOJ's ability to force Apple to help it get around the security features of an iPhone is ending with a whimper, rather than a bang. The DOJ has just filed an early status report saying basically that it got into Syed Farook's work iPhone and it no longer needs the court to order Apple to help it comply by writing a modified version of iOS that disables security features.

The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court's Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016.

There's also an associated one line proposed order that magistrate Judge Sheri Pym will almost certainly sign off on shortly.

And thus... the big showdown between the tech industry and the Justice Department goes nowhere. Just a little over a month after the DOJ swore to a court that it had exhausted all possibilities that didn't involve co-opting Apple to hack its own phones, the DOJ is admitting that the FBI has found a way in. Still, this was just one fight in a war that is still ongoing. It seems fairly clear that the DOJ and FBI expected their side of things to get a lot more support, which is why they chose the Syed Farook case to make a big public stand, rather than one of the many other cases where similar issues are at stake.

However, the overall issue is not over. There are still plenty of questions: What method did the DOJ use to get into Farook's iPhone? And what will happen in the other cases involving iPhones or involving other companies such as Whatsapp? And what will happen as Apple and other companies increasingly strengthen their encryption and security, making it more and more difficult for the FBI to get in?

In short, this is far from over. However, in the short term, the DOJ has learned that it isn't easy to win over public opinion on this issue, which suggests that future battles may play out under the cover of a bit more darkness, as the DOJ seeks to seal various filings and orders off from the public. My guess is that perhaps the next big fight will be in revealing what kinds of orders come through under the cover of darkness.

from the the-fbi-lied-again? dept

When the DOJ announced that the FBI may have miraculously found a way in to Syed Farook's work iPhone after swearing to a court that such a thing was impossible, many people zeroed in on the possibility of "NAND Mirroring" as the technique in question. After all, during a Congressional hearing, Rep. Darrell Issa had gone fairly deep technically (for a Congressperson, at least) in asking FBI Director James Comey if the FBI had tested such a method. Well-known iPhone forensics guru Jonathan Zdziarski wrote up a good blog post explaining why such a technique was the most likely. While recognizing that there are other possibilities, he does a good job breaking down why none of the other possibilities are all that likely, given a variety of facts related to the case (I won't go through all of that -- just go read his post). It's worth a read. It also has a nice quick explanation of NAND mirroring:

This is where the NAND chip is typically desoldered, dumped into a file (likely by a chip reader/programmer, which is like a cd burner for chips), and then copied so that if the device begins to wipe or delay after five or ten tries, they can just re-write the original image back to the chip. This technique is kind of like cheating at Super Mario Bros. with a save-game, allowing you to play the same level over and over after you keep dying. Only instead of playing a game, they’re trying different pin combinations.

However, on Friday, we noted that FBI Director James Comey was already denying this was the method, saying that it "doesn't work." The FBI also "classified" the method in question which raised some additional eyebrows. Either way, Zdziarski was pretty sure that Comey's claim that NAND mirroring doesn't work was bogus:

FBI Director Comey, in a press conference, claims the NAND technique “doesn’t work”; this says more about the credibility of this information than anything. Every expert I’ve consulted (including three hardware forensics firms) believe it works, and multiple firms are still in the process of validating the technique. The amount of time to prep and test this technique alone is proving greater than the month that we’ve been discussing it – it’s very unlikely that any reputable source could have already discredited this method, given how much time and effort it is taking everyone else to fully flesh out and test it. When asked directly if the FBI tried this technique, Comey dodged the question and replied (on the topic of “chip copying”), “I don’t want to say beyond that”, indicating the FBI hadn’t tried it. This speaks volumes about how flippantly the FBI is willing to discount viable methods endorsed by numerous researchers.

This is a simple “concept” demonstration / simulation of a NAND mirroring attack on an iOS 9.0 device. I wanted to demonstrate how copying back disk content could allow for unlimited passcode attempts. Here, instead of using a chip programmer to copy certain contents of the NAND, I demonstrate it by copying the data using a jailbreak. For Farook’s phone, the FBI would remove the NAND chip, copy the contents into an image file, try passcodes, and then copy the original content back over onto the chip.

I did this here, only with a jailbreak: I made a copy of two property lists stored on the device, then copied them back and rebooted after five attempts. When doing this on a NAND level, actual blocks of encrypted disk content would be copied back and forth, whereas I’m working with files here. The concept is the same, and serves only to demonstrate that unlimited passcode attempts can be achieved by back-copying disk content. Again, NO JAILBREAK IS NEEDED to do this to Farook’s device, as the FBI would be physically removing the NAND to copy this data.

Elsewhere Zdziarski also points out that, despite the FBI insisting that it was reaching out to everyone who might be able to help, none of the top researchers in the space have been approached by the FBI (and apparently a few who reached out the other way were rebuffed). Once again, it looks like whatever the FBI is doing with the phone, it's not being particularly upfront with the public (or, potentially, the courts).

from the let's-hold-off-here... dept

While there are 10 (known) cases covering 13 Apple devices that the DOJ is asking Apple to help unlock, there are two "big ones" that are receiving most of the focus. The big one in San Bernardino, which has been put on hold as the FBI claims it may have actually found a way into the phone -- and the one in NY where magistrate judge James Orenstein wrote a wonderful rejection letter for the DOJ's request. The Justice Department has appealed that decision, and the case has been handed over to Judge Margo Brodie.

As in the San Bernardino Matter, the DOJ argues in this case that an All Writs Act order is
appropriate because Apple’s assistance is necessary to effectuate the search warrant issued by the
Court.... (“[T]he government cannot access the contents of the phone and
execute the warrant without Apple’s assistance.”); .... (“The government does not
have any adequate alternatives to obtaining Apple’s assistance.”). This is a disputed issue. Judge
Orenstein concluded in his opinion that that the government “failed to establish that the help it seeks
from Apple is necessary” as required by New York Telephone.... Apple expects to
similarly contest the necessity requirement in connection with the DOJ’s application to this Court.

The iPhone in this case runs an older operating system (iOS 7) than the iPhone in the San
Bernardino Matter (iOS 9). Regardless of what the DOJ concludes regarding whether the method
being evaluated in San Bernardino works on the iPhone here, it will affect how this case proceeds.
For example, if that same method can be used to unlock the iPhone in this case, it would eliminate
the need for Apple’s assistance. On the other hand, if the DOJ claims that the method will not work
on the iPhone here, Apple will seek to test that claim, as well as any claims by the government that
other methods cannot be used.

The outcome of the DOJ’s evaluation will not be known until April 5, when the DOJ
submits its status report in the San Bernardino Matter. In the interim, both the Court and the parties
lack sufficient information to determine the most appropriate way for this matter to proceed. Going
forward without such information would be highly inefficient.

It's becoming increasingly clear that the DOJ and Apple's lawyers are not very happy with each other. Elsewhere in the letter:

The government indicated that it did
not oppose a fourteen day extension of Apple’s deadline to respond to the government’s application
for an All Writs Act order, but did not want to join in Apple’s rationale for such request. The
government further indicated that after Apple filed its letter, the government would review and
consider how to respond.

There is an important point here: hacking into an iPhone 4S running iOS 7 is a lot easier than an iPhone running iOS 9. While the DOJ has used this to argue that Apple should absolutely be willing to help in this case, it actually plays against the DOJ's argument, because it should be much easier for the FBI to figure out a way in without help from Apple, because the protections in iOS 7 were much weaker (iOS 8 is where things got much trickier).

from the lawful-access-opens-a-door-that's-difficult-to-close dept

You may have heard, recently, that the guy who was apparently behind the celebrity nudes hacking scandal (sometimes called "Celebgate" in certain circles, and the much more terrible "The Fappening" in other circles) recently pled guilty to the hacks, admitting that he used phishing techniques to get passwords to their iCloud accounts. But... that's not all that he apparently used. He also used "lawful access" technologies to help him grab everything he could once he got in.

We keep hearing from people who think that just "giving law enforcement only" access to encrypted data is something that's easy to do. It's not. Over and over again, security experts keep explaining that opening up a hole for law enforcement means opening up a hole for many others as well, including those with malicious intent. ACLU technologist Chris Soghoian reminds us of this by pointing to an earlier article about how the guy used a "lawful access" forensics tool designed for police to get access to such data (warning, link may ask ask you to pay and/or disable adblocker):

On the web forum Anon-IB, one of the most popular anonymous image boards for posting stolen nude selfies, hackers openly discuss using a piece of software called EPPB or Elcomsoft Phone Password Breaker to download their victims’ data from iCloud backups. That software is sold by Moscow-based forensics firm Elcomsoft and intended for government agency customers. In combination with iCloud credentials obtained with iBrute, the password-cracking software for iCloud released on Github over the weekend, EPPB lets anyone impersonate a victim’s iPhone and download its full backup rather than the more limited data accessible on iCloud.com. And as of Tuesday, it was still being used to steal revealing photos and post them on Anon-IB’s forum.

Obviously, the situation with encryption on the iPhone is a bit different, but the same basic principle applies. Opening up a door is, by definition, opening up a vulnerability. And we should be very, very, very wary about opening up any kind of vulnerability. It's tough enough to find and close vulnerabilities. Deliberately opening one can be catastrophic.

from the important-stuff dept

Wondering if coverage like ours can really make a difference? In 2014, former Senate staffer Jennifer Hoelzer sent us this unsolicited piece about Techdirt's influence on lawmakers in the SOPA fight. With today's encryption debate now shifting back to Congress, she's given us her support in republishing the story (with a few minor edits) to drive that point home. If you want quantitative data to go with her anecdotal experience, you can see this Harvard study that highlighted Techdirt's influence in that debate. Please help us do the same for the fight over encryption as well.

Hi. My name is Jen... and I was once a Congressional staffer who knew so little about Internet policy that I had no idea how little I knew about Internet policy. (I think this is where you're supposed to supportively say, "Hi, Jen," and reassure me that this is a safe space for me to continue my embarrassing confession. Because it gets worse.)

In late 2010, when my former boss -- U.S. Senator Ron Wyden -- announced that he was putting a hold on the Combating Online Infringement and Counterfeits Act (COICA) – the predecessor to PIPA and later, SOPA -- I not only didn't know how the DNS system worked, I'm not sure I knew what infringement meant. (I'm not proud of these things, but they're true.)

If my boss hadn't involved himself in this issue, odds are I would never have heard of it and, heck, if by some chance I had learned that the Judiciary Committee had unanimously passed legislation giving law enforcement (what their press release called) "important tools" to go after illegal activity, I probably wouldn't have given the issue any thought beyond thinking it was nice that Democrats and Republicans remembered how to work together.

Worse yet, when my chief of staff stopped by my office to let me know that the Senator would be placing a hold on the legislation, I didn't drop what I was doing to alert reporters or ask one of my deputies to pound out a press release. I'm not sure I even looked up from my computer.

Honestly, it didn't occur to me that anyone would consider what my boss did that afternoon news, until I got a Google News Alert that a blog called, Techdirt, had written about it.

Now, in my defense, the above does not mean that I was lazy or willfully ignorant. From the outside, I realize Congress doesn't appear to do anything, but there are so many bills and issues swirling around Capitol Hill at any one time that it's a challenge just to stay on top of the sliver of them that pertains to your job. On an average day, Senator Wyden could go from a breakfast forum on health reform, to a committee hearing on tax reform, to introducing legislation on renewable energy, to questioning the forest service on resources for firefighting, before giving a floor speech on NSA surveillance, and that would just be before noon. So, the odds of my being on top of something that happened in a Committee my boss wasn't assigned to -- like the Judiciary Committee -- were slim.

Furthermore, my deputies and I -- as Wyden's communications director -- could barely keep up with all of the questions and requests we got from reporters. We didn't have the time or resources to tweet about everything he did, let alone proactively promote all of his work. I mean, just writing and distributing a press release can take a few hours, coming up with a messaging strategy, educating reporters, planning events and writing the various one-pagers, FAQs, op-eds and speeches needed to support a successful advocacy campaign can take days, weeks, even months and that's if nothing else is going on (which is rarely the case).

The day Senator Wyden put a hold on COICA, was the same day he introduced legislation to amend the Affordable Care Act with Senator Scott Brown. I was getting inundated with questions from reporters and bloggers wanting to understand "why in the hell he'd do such a thing," plus the Democratic caucus wanted us to put out and promote a statement pushing for the repeal of Don't Ask Don't Tell, which had my deputy tied up, in addition to the various other things that tended to make the end of session a sprint.

I didn't jump at the opportunity to publicize my boss's hold announcement, because I didn't know enough about the issue to judge its news value, let alone explain it to reporters or write a quick press release, and I didn't have the time to learn enough about it to do any of those things before the end of the day. So, I told my chief of staff "great" and went back to talking to reporters about health policy.

Again, I'm not proud of the above story, but I was moved to share it, when I read that Techdirt's coverage of the COICA/PIPA/SOPA debate ultimately cost them more than 50% of their advertising revenue and has since forced them to operate at a loss.

I don't want to imagine a tech debate without Techdirt in it.

I can't even begin to imagine how the COICA/PIPA/SOPA debate would have gone without Mike Masnick and Techdirt's coverage.

But I can imagine where I -- personally -- would have been without Techdirt's coverage. All I have to do is close my eyes and remember November 18, 2010. Now, as much as I'd like to tell you that Mike's November post on Ron Wyden's COICA hold changed everything for me, it didn't. One post couldn't make me an expert on Internet issues any more than a single story could have won the debate. But I can say the more I learned about the issues surrounding COICA and later PIPA and SOPA – and the more confident I grew in my knowledge and ability to explain those issues -- the more involved I got, the more press releases, speeches, FAQ's and blogs I wrote in support of Ron's work, the more reporters I talked to, coverage I influenced, and interviews I secured for the senator.

I can also say, I wouldn't have been able to do any of those things (at least not well) without Mike Masnick and the rest of the guys at Techdirt, because they're the guys who taught me tech policy.

That's not to say, I didn't work with really smart people who taught me a lot, I did and they did; but with Techdirt, I never had to ask a stupid question or admit what I didn't know. (I just kept reading.) Techdirt's posts were consistently straightforward, easy to understand and timely. Sure, another site might put together one or two good posts or a definitive explainer, but reading Techdirt every day was like taking a college course on the issues with every new post helping me understand a new aspect of what I'd learned previously. I often found some of the site's shorter posts and illustrative examples the most helpful, because they were the examples I ultimately used to explain the issues to others. For example, I've yet to find a better way to get someone to see the potential harm bills like SOPA and PIPA can do to free speech than pointing out that Universal once tried to blacklist 50 Cent's personal website, a fact I learned from a 6/21/11 Techdirt post, entitled "Did Universal Music Declare 50 Cent's Own Website A Pirate Site?" (Seriously, that story alone helped me convince at least a dozen – non-tech – reporters to write about the issue, not to mention all of the Hill staffers I shared it with.)

If you care about your privacy and security, you want Techdirt to be at full strength in the encryption debate. You want them to be educating more lawmakers and their staffers (like my former self) to understand these issues and be confident enough in their knowledge to take a stand against invasive government.

I'm donating to Techdirt's campaign because I know where I would have been without their work and I don't want a tech debate to take place without them. I hope you will do the same. It's also a great way to say thanks.

from the gallantly-the-DOJ-chickened-out dept

So now that there's been a little time to process the Justice Department's last minute decision to bail out on the hearing in the San Bernardino case, claiming it was because some mysterious third party had demonstrated a way to hack into Syed Farook's iPhone, it's becoming increasingly clear that (1) the DOJ almost certainly lied at some point in this case and (2) this move was almost entirely about running away from a public relations battle that it was almost certainly losing (while also recognizing that it had a half-decent chance of also losing the court case). Just replace "Sir Robin" with "the DOJ" in the following video.

That said, there are still some things to clear up. First, did the DOJ lie? It seems pretty obvious that it must have. After all, it insisted earlier in the case, multiple times, that it had "exhausted" all other possibilities and "the only" way to get into the phone was with Apple's help. That's certainly raised some eyebrows:

The DOJ and its supporters, of course, will argue that "new shit has come to light, man," but that seems... doubtful. My first thought was that when the FBI said that it had been alerted to a way in over the weekend, it potentially was using the announcement from researchers at Johns Hopkins about a flaw in iMessage encryption. If so, that would be particularly bogus, since everyone admits that the vulnerability found would not apply to this case.

However, there's now a ton of speculation going around about the likely method (and the likely third party) that the FBI is probably using, involving copying the storage off the chip and then copying it back to brute force the passcode without setting off the security features or deleting the data. But, again, this possible solution isn't really new. Just a few weeks ago, during a Congressional hearing, Rep. Darrell Issa quizzed FBI Director James Comey about this very technique (which was so deep in the technical weeds, that many reporters and other policy folks were left scratching their heads):

That video is worth watching, because Director Comey insists, pretty clearly, that there is no way to get into the phone:

Comey: We wouldn't be litigating it if we could [get in ourselves]. We've engaged all parts of the US government to see 'does anyone have a way -- short of asking Apple to do it -- with a 5c running iOS 9 to do this?' and we do not.

At that point Issa starts asking really technical questions about can't the FBI remove the data from the phone to make copies of the storage, putting it with the encryption chip, trying passcodes, and then reflashing the memory before the 10 chance are used up -- thus brute forcing the passcode without setting off the security features. As Issa notes:

If you haven't asked that question, how can you come before this committee and before a federal judge and demand that somebody else invent something if you can't answer the question that your people have tried this? ... I'm asking who did you go to? Have you asked these questions? Because you're expecting to get an order and have somebody obey something they don't want to do and you haven't even figured out if you can do it yourself.

Comey is clearly befuddled by the questions and basically says that he's sure that his people must have thought about this, but he assumes that they're watching and if they haven't thought of this then they'll test it out. But, really, a few people had suggested similar things early on, so if that is the solution then it only adds weight to the idea that the FBI didn't do everything it could possibly do before running to the judge.

Others have questioned the "two week" timeframe for the DOJ to issue a status report to the court, noting that a brand new solution would almost certainly take much longer to test thoroughly before using it on the iPhone in question.

And then there's the other question: if the FBI really has tracked down a new "vulnerability" in Apple's encryption... will it tell Apple about it so that Apple can patch it? Remember, the White House has told the various parts of the federal government that they should have a "bias" towards revealing the flaws so they can be patched... but leaving a "broad exception for 'a clear national security or law enforcement need.'" It's pretty clear from how the DOJ has acted that it believes this kind of hole is a "law enforcement need."

So, if the FBI really did figure out a vulnerability in Apple's encryption, it probably won't actually reveal it -- but I'd imagine that Apple's security engineers are scrambling just the same to see if they can patch whatever flaws there may be here, because that's their job. And, again, that gets back to the point here: there are always some vulnerabilities in encryption schemes, and part of the job of security folks is to keep patching them. And one of the worries with the demand for backdoors is that the introduce a whole bunch of vulnerabilities that they're then not allowed to patch.

Either way, the DOJ's actions here are highly questionable, and it seems pretty clearly an attempt to save face in this round. But the overall fight is far from over.

from the in-case-you-were-wondering dept

While the DOJ may be thinking about ways to weasel out of the San Bernardino fight with Apple, the underlying fight about backdooring encryption remains. The DOJ may focus on other cases, such as the one in NY, where the facts line up a bit more in its favor, or elsewhere. Or we may soon see legislation to backdoor encryption.

We've seen so much confusion and misinformation going around, that I thought it might be useful to create a short "explainer video" that shows why this is such a big deal, and why everyone should be supporting Apple, in this case, against the Justice Department (and against any legislation that requires backdoors). Please check it out and share it.

This is the kind of thing we'd like to do a lot more of, but it takes a fair bit of time to get ready. If you like this and would like to see us do more videos like this, please support our crowdfunding campaign that ends this week...

from the oh-really-now? dept

So, this morning we wrote about a new flaw found in the encryption in Apple's iMessage system -- though it was noted that this wouldn't really have impacted what the FBI was trying to do to get into Syed Farook's work iPhone. However, just a little while ago, the Justice Department asked the court to delay the big hearing planned for tomorrow afternoon, because of this newly disclosed vulnerability:

Since the attacks in San Bernardino on December 2, 2015, the Federal Bureau of Investigation (“FBI”) has continued to pursue all avenues available to discover all relevant evidence related to the attacks.

Specifically, since recovering Farook’s iPhone on December 3, 2015, the FBI has continued to research methods to gain access to the data stored on it. The FBI did not cease its efforts after this litigation began. As the FBI continued to conduct its own research, and as a result of the worldwide publicity and attention on this case, others outside the U.S. government have continued to contact the U.S. government offering avenues of possible research.

On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone. Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. (“Apple”) set forth in the All Writs Act Order in this case.

Accordingly, to provide time for testing the method, the government hereby requests that the hearing set for March 22, 2016 be vacated. The government proposes filing a status report with the Court by April 5, 2016.

This could mean a variety of different things... including that the DOJ is looking for a way "out" of this case without setting the precedent it doesn't want, after discovering that the case and public opinion didn't seem to be going the way the DOJ had hoped it was going to go when it first brought it last month. Either way, there's never a dull moment in this case...

Update: And the judge has accepted the request, meaning the hearing is off. The DOJ put out a statement trying to spin this as being about how they're just really interested in getting into this one phone and not about setting a precedent:

Our top priority has always been gaining access into the phone used by the terrorist in San Bernardino. With this goal in mind, the FBI has continued in its efforts to gain access to the phone without Apple's assistance, even during a month-long period of litigation with the company. As a result of these efforts, an outside party demonstrated to the FBI this past weekend a possible method for unlocking the phone. We must first test this method to ensure that it doesn't destroy the data on the phone, but we remain cautiously optimistic. That is why we asked the court to give us some time to explore this option. If this solution works, it will allow us to search the phone and continue our investigation into the terrorist attack that killed 14 people and wounded 22 people.

Of course, that statement is more misleading bullshit from the DOJ. It's pretty clear that the DOJ is just trying to get out of this case as it's realized that the original plan completely backfired, and they were likely to lose.

Update 2: Okay, the court has officially posted its decision to grant the DOJ's request. You can see it below as well.

from the encryption-is-hard dept

One of the points that seems to be widely misunderstood by people who don't spend much time in computer security worlds, is that building secure encryption systems is really hard and almost everything has some sort of vulnerability somewhere. This is why it's a constant struggle by security researchers, cryptographers and security engineers to continually poke holes in encryption, and try to fix up and patch systems. It's also why the demand for backdoors is idiotic, because they probably already exist in some format. But purposely building in certain kinds of backdoors that can't be closed by law almost certainly blasts open much larger holes for those with nefarious intent to get in.

Case in point: over the weekend, computer science professor Matthew Green and some other researchers announced that they'd discovered a serious hole in the encryption used for Apple's iMessage platform, allowing a sophisticated hacker to access encrypted messages and pictures. And, Green, who has been vocal about the ridiculousness of the DOJ's request against Apple, notes how this is yet more evidence that the DOJ's request is a bad idea:

“Even Apple, with all their skills — and they have terrific cryptographers — wasn’t able to quite get this right,” said Green, whose team of graduate students will publish a paper describing the attack as soon as Apple issues a patch. “So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.”

It's worth noting that the flaw that he and his team found would not have helped the FBI get what it wants off of Syed Farook's iPhone, but it's still a reminder of just how complex cryptography currently is, at a time when people are trying to keep everyone out. Offer up any potential backdoor, and you're almost certainly blasting major holes throughout the facade.

Apple is getting ready to push out a software update that will fix the flaw shortly. And this, alone, is yet another reason why the DOJ's case is so dangerous -- since the method it wants to use to get into Farook's phone is via its capabilities to push software updates. Patching software holes is a major reason to accept regular software updates, but the FBI is now trying to co-opt that process to install unsafe code. That, in turn, may prompt people to avoid software updates altogether, which in most cases will make them less safe.

from the well-this-could-get-interesting dept

In all the discussions about Apple v. the FBI, a few people occasionally ask what would happen if Apple's engineers just refused to write the code demanded (some also ask about writing the code, but purposely messing it up). And now it appears that at least some Apple engineers are thinking about just this scenario. According to the NY Times:

Apple employees are already discussing what they will do if ordered to help law enforcement authorities. Some say they may balk at the work, while others may even quit their high-paying jobs rather than undermine the security of the software they have already created, according to more than a half-dozen current and former Apple employees.

As the NY Times notes, these details certainly add some pretty hefty weight to the First Amendment arguments about "compelled speech" that Apple has made (and that the EFF doubled down on in its amicus brief). As for what then would happen... that's up to the court, but it's likely that the court would find Apple in contempt and/or start fining it. But that still leaves open the question of how does it comply if not a single engineer is willing to help out.